HSDPA and LAN

  • Thread starter Thread starter Rozeboosje
  • Start date Start date
R

Rozeboosje

Hi folks,

I'm on a company LAN with very restricted internet policies. I also have a
mobile phone with a HSDPA connection. I have set this up to connect and the
connection is working fine.

If I use either the local area connection or the phone connection,
everything works as expected. With the former I get all access to local
servers, the Intranet, and restricted access to the Internet. With the latter
I get unrestricted access to the Internet but no local access.

If I activate BOTH though, it behaves erratically. Sometimes I don't get
internet access. Sometimes I don't get local access. Sometimes I don't get
ANY access. The moment I disable one of the two connections, it reverts back
to normal behaviour for the remaining connection.

I guess, ignoramus as I am, that this must have something to do with
Routing? Would anyone have the patience to help a complete n00b out?
 
Hi folks,

I'm on a company LAN with very restricted internet policies. I also have a
mobile phone with a HSDPA connection. I have set this up to connect and the
connection is working fine.

If I use either the local area connection or the phone connection,
everything works as expected. With the former I get all access to local
servers, the Intranet, and restricted access to the Internet. With the latter
I get unrestricted access to the Internet but no local access.

If I activate BOTH though, it behaves erratically. Sometimes I don't get
internet access. Sometimes I don't get local access. Sometimes I don't get
ANY access. The moment I disable one of the two connections, it reverts back
to normal behaviour for the remaining connection.

I guess, ignoramus as I am, that this must have something to do with
Routing? Would anyone have the patience to help a complete n00b out?
Click to expand...

I recommend that you consult with the company's IT department about
this.

First, ask them whether you're permitted to connect your computer to
the Internet using your mobile phone. Many companies don't allow
that, because an Internet connection that doesn't use the company's
firewall could be a security risk to the whole company network.

If it's OK to use your mobile phone's Internet connection, the IT
department should be able to help you get everything to work.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
Hi folks,

I'm on a company LAN with very restricted internet policies. I
also have a mobile phone with a HSDPA connection. I have set this
up to connect and the connection is working fine.

If I use either the local area connection or the phone connection,
everything works as expected. With the former I get all access to
local servers, the Intranet, and restricted access to the
Internet. With the latter I get unrestricted access to the
Internet but no local access.

If I activate BOTH though, it behaves erratically. Sometimes I
don't get internet access. Sometimes I don't get local access.
Sometimes I don't get ANY access. The moment I disable one of the
two connections, it reverts back to normal behaviour for the
remaining connection.

I guess, ignoramus as I am, that this must have something to do
with Routing? Would anyone have the patience to help a complete
n00b out?
Click to expand...

Each connection has its default gateway. If they have the same
priority (metric) then it is a coin flip as to which gateway is
used. The default configuration is not smart enough to know which
IP addresses are internal company addresses and which are not. You
can probably get this to work by modifying the routing table. Check
the article:

"Making Sense of Windows Routing Tables"
<www.windowsnetworking.com/articles_tutorials/Making-Sense-Windows-Routing-Tables.html>

Note that having simultaneous access to public and private networks
can be viewed as a security risk. You should make sure you have
permission to do this.

HTH,
John
 
Hello John, hello Steve,

If the IT department here would be receptive to requests for open internet
access I wouldn't have to ask this question. Instead, they have blocked
pretty much every port I can think of, and filtered out half the web sites
besides. As an IT professional that makes my job much more difficult than
necessary. You know yourself how much information is out there on the Web.
Frankly, I'm amazed that I can even see THIS page through the company
firewall.

So do I have permission? No. But you guys don't need to worry about that; I
am well aware that whatever information from you I would use, it is my own
responsibility to use it wisely. Or unwisely.

John,

I looked at the page you posted, and while it makes sense on some level, it
doesn't help me decide how to resolve my problem. I'm just too ignorant in
this area to understand it well enough to use it :-(
 
Hello John, hello Steve,

If the IT department here would be receptive to requests for open internet
access I wouldn't have to ask this question. Instead, they have blocked
pretty much every port I can think of, and filtered out half the web sites
besides. As an IT professional that makes my job much more difficult than
necessary. You know yourself how much information is out there on the Web.
Frankly, I'm amazed that I can even see THIS page through the company
firewall.

So do I have permission? No. But you guys don't need to worry about that; I
am well aware that whatever information from you I would use, it is my own
responsibility to use it wisely. Or unwisely.
Click to expand...

The IT department has reasons for blocking access, such as maintaining
the security of the network and the company's computers.

No, I'm not worried. It's your job, not mine. But I'm not going to
help you violate your company's policies.

I assume that you're aware of the possible consequences of doing that.
At many companies, it's cause for immediate termination.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
Steve Winograd said:
No, I'm not worried. It's your job, not mine. But I'm not going to
help you violate your company's policies.
Click to expand...

Steve, please relax.

You know what Gandhi said about laws: they're just like people. There are
good people and bad people. There are good laws and bad laws. There are good
company policies and there are bad ones. And the bad ones must be opposed and
undermined. Please allow me to worry about potential consequences.

Nor am I planning to do anything that is truly illegal such as company
espionage. I just want some control over my work environment.

When I arrived here a short while ago I found the network crawling with
viruses and my machine compromised. And all that despite all this draconian
internet nannying that is going on.

Since then I have gained control over my own PC, and I have enabled
Microsoft Update, made sure it was fully up to date (suddenly it stopped
crashing every five minutes, what a surprise) and ensuring the AntiVirus
software was fully up to date. I now have a stable PC, as opposed to most of
my colleagues.

All I want to do is extend this control to how I access the web. Company
policies be damned, but without ANY intent to do anything that could actually
be detrimental to this company, like sitting there like some sort of a dunce
with a PC that is out of my control spewing viruses all over this network -
like many of my colleagues.

I honestly don't know what to think of the IT department here, but I know
that one of the servers here has had the perlovga virus on it for months,
even though I've looked up the removal instructions and they seem pretty
straightforward.

So I would appreciate it if you could leave concerns about how this may
affect me to me, and you could help me out with the actual technical detail
of this problem I am having. If it helps, imagine that I have spoken to the
IT department here and their response was that if I could work out how to do
this I'd be welcome to but they were unable to help me. For all I know that
is the actual response I would get in any case. Ok? I am, however, determined
to crack this nut.

I could go about it like a bull in a china shop, breaking the FSM-knows-what
while I'm trying to get the access I want, or with expert help like yours do
this properly so that I don't cause real damage. It would be greatly
appreciated.
 
You know what Gandhi said about laws: they're just like people. There are
good people and bad people. There are good laws and bad laws. There are good
company policies and there are bad ones. And the bad ones must be opposed and
undermined. Please allow me to worry about potential consequences.

Nor am I planning to do anything that is truly illegal such as company
espionage. I just want some control over my work environment.

When I arrived here a short while ago I found the network crawling with
viruses and my machine compromised. And all that despite all this draconian
internet nannying that is going on.

Since then I have gained control over my own PC, and I have enabled
Microsoft Update, made sure it was fully up to date (suddenly it stopped
crashing every five minutes, what a surprise) and ensuring the AntiVirus
software was fully up to date. I now have a stable PC, as opposed to most of
my colleagues.

All I want to do is extend this control to how I access the web. Company
policies be damned, but without ANY intent to do anything that could actually
be detrimental to this company, like sitting there like some sort of a dunce
with a PC that is out of my control spewing viruses all over this network -
like many of my colleagues.

I honestly don't know what to think of the IT department here, but I know
that one of the servers here has had the perlovga virus on it for months,
even though I've looked up the removal instructions and they seem pretty
straightforward.

So I would appreciate it if you could leave concerns about how this may
affect me to me, and you could help me out with the actual technical detail
of this problem I am having. If it helps, imagine that I have spoken to the
IT department here and their response was that if I could work out how to do
this I'd be welcome to but they were unable to help me. For all I know that
is the actual response I would get in any case. Ok? I am, however, determined
to crack this nut.

I could go about it like a bull in a china shop, breaking the FSM-knows-what
while I'm trying to get the access I want, or with expert help like yours do
this properly so that I don't cause real damage. It would be greatly
appreciated.
Click to expand...
Steve, please relax.
Click to expand...

I'm completely relaxed, thanks. :-)

I sympathize with your unhappiness about things at work.

IMHO, there's no proper way to do what you want to do.

If you want to fight your company, violate its policies, endanger the
company network, and put your job in jeopardy, that's your choice.

But I won't help you do it.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
As an IT professional that makes my job much more difficult than
necessary.
Click to expand...
I looked at the page you posted, and while it makes sense on some
level, it doesn't help me decide how to resolve my problem. I'm
just too ignorant in this area to understand it well enough to use
it :-(
Click to expand...

As an IT professional, it would be in your best interest to learn about
routing tables. After all, it is pretty basic IT knowledge, you have
the motivation, and it's too much to explain in a newsgroup. Try
Googling...

-- John
 
Steve Winograd said:
IMHO, there's no proper way to do what you want to do.
Click to expand...

Thanks - at least that is SOME information. In that case I'll be happy to
proceed by simply switching connections if and when necessary. After all,
it's not like I need this ALL the time. Now why couldn't you just have said
that right away rather than lecturing me on how to be a good little peon?

Always - ALWAYS question authority.
 
John Wunderlich said:
Try Googling...
Click to expand...

Yeah, well, I'm not THAT much of a n00b, LOL. I did google it, and I have
fiddled about with the route command, trying to add/delete routes and
changing their metrics, but I'm not getting anywhere fast. Either internet
access ceases completely, or the network access breaks down. One or the other
always stops working. Then I have to disable the connections and enable one
of them, which restores things to normal for that connection.

If you agree with Steve that this cannot be done, then that's OK. At least I
know I can stop trying to bash my head against that brick wall, and just be
content with switching the connections if and when necessary. It's clumsy but
it works. I would have loved to have set up Outlook to monitor my personal
e-mails through POP3 but I guess I can live with a Web Mail client.
 
Thanks - at least that is SOME information. In that case I'll be happy to
proceed by simply switching connections if and when necessary. After all,
it's not like I need this ALL the time. Now why couldn't you just have said
that right away rather than lecturing me on how to be a good little peon?

Always - ALWAYS question authority.
Click to expand...

I didn't mean that what you want to do is technically impossible.

I meant that there's no ethical way to do what you want. You might not
care about that, but I do.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
Steve Winograd said:
I meant that there's no ethical way to do what you want. You might not
care about that, but I do.
Click to expand...

Do not presume to think that you are an authority on ethics, Steve. I could
teach you a thing or two on ethics and morality. You present yourself as an
authority on Networking and the Web. Please stick to that role, and leave
ethical and moral considerations up to people who know what they are talking
about.
 
Do not presume to think that you are an authority on ethics, Steve. I could
teach you a thing or two on ethics and morality. You present yourself as an
authority on Networking and the Web. Please stick to that role, and leave
ethical and moral considerations up to people who know what they are talking
about.
Click to expand...

I'm not going to debate ethics and morality with you. Your stated
intention to violate your company's network security policy, and the
contempt that you've expressed for your company's policies and the
people who implement them, speak for themselves.

“Never try to teach a pig to sing; it wastes your time, and it annoys
the pig.” -- Will Rogers
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
Steve Winograd said:
I'm not going to debate ethics and morality with you. Your stated
intention to violate your company's network security policy, and the
contempt that you've expressed for your company's policies and the
people who implement them, speak for themselves.
Click to expand...

And yet here you are posting comment after comment berating me, insulting
me, condescending to me and arrogating to yourself a level of authority that
is way beyond what you are able to handle. Why is that, Steve?
 
And yet here you are posting comment after comment berating me, insulting
me, condescending to me and arrogating to yourself a level of authority that
is way beyond what you are able to handle. Why is that, Steve?
Click to expand...

I'm sorry if you find what I say insulting. That's not my intention.

Anyone who reads your previous posts can verify what I said about
them.

I quoted Will Rogers for a little humor, and to say that neither of us
will convince the other one of anything, so it's pointless to try.

--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
 
Steve Winograd said:
I'm sorry if you find what I say insulting. That's not my intention.
Click to expand...

Yeah, right.

Anyway, Steve, in the end it wasn't all that difficult, really. This is what
I did:

1) I created a few persistent routes to our internal range of IP Addresses
with nice high priority metrics.
2) I added entries in the HOSTS files for the servers I connect to.

Then - and I'm going to automate this - I will do the following when I log in:

3) Establish the current IP addresses for machines I need to connect to that
have dynamic IP addresses.
4) Connect to my HSDPA connection
5) Run IPConfig to find out what the default gateways are today
6) Remove route 0.0.0.0
7) Add route 0.0.0.0 back in but ensuring that the route through my HSDPA
gateway gets a better metric

And Bob's your uncle.
 
John Wunderlich said:
As an IT professional, it would be in your best interest to learn about
routing tables. After all, it is pretty basic IT knowledge, you have
the motivation, and it's too much to explain in a newsgroup. Try
Googling...
Click to expand...

Yup. That helped. (grin)
 
Rozeboosje said:
6) Remove route 0.0.0.0
7) Add route 0.0.0.0 back in but ensuring that the route through my HSDPA
gateway gets a better metric
Click to expand...

Also, I set a lower default metric on my HSDPA connection which makes it
more likely that its gateway will be selected as the default gateway, in
which case it would be unnecessary to do the above.
 
Back
Top